Qualification suite that proves forjar works on real infrastructure.
Every recipe is a real forjar config applied to real machines. When a recipe exposes a bug or missing feature, we stop, implement the fix in forjar, then retry and mark it qualified.
Primary runner: Self-hosted Intel (32-core Xeon, 283 GB RAM, 2x AMD GPU)
# Validate all recipes
cargo run --example validate_all
# Plan all recipes (dry-run)
cargo run --example plan_all
# Qualify a single recipe on the runner
make qualify-recipe RECIPE=01
# Update README dashboard from CSV
make update-qualifications| Gate | Threshold |
|---|---|
| Test coverage | >= 95% (cargo llvm-cov) |
| Lint | Zero warnings (cargo clippy -- -D warnings) |
| Format | Zero diff (cargo fmt --check) |
| Code health | pmat comply check passes |
| Shell safety | bashrs lint scripts/ Makefile |
| Docs | ./scripts/check-docs-consistency.sh |
Qualification Summary (updated: 2026-03-03 15:49 UTC)
| Status | Count |
|---|---|
| Qualified | 57 |
| Blocked | 5 |
| Pending | 0 |
Grade Distribution
| Grade | Count |
|---|---|
| A | 57 |
| B | 0 |
| C | 0 |
| D | 0 |
| F | 5 |
| # | Recipe | Category | Status | Grade | Tier | Idempotent | Time (1st) | Time (2nd) | Score | Blocker |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | developer-workstation | infra |  |
 |
2+3 | Strong | 7.6s | 408ms | 94 | — |
| 2 | web-server | infra | |
|
2+3 | Strong | 11.5s | 971ms | 94 | — |
| 3 | postgresql-database | infra | |
|
2+3 | Strong | 17.6s | 364ms | 94 | — |
| 4 | monitoring-stack | infra | |
|
2+3 | Weak | 9.2s | 429ms | 93 | — |
| 5 | redis-cache | infra | |
|
2+3 | Weak | 9.1s | 382ms | 93 | — |
| 6 | ci-runner | infra | |
|
3 | Strong | 8.1s | 363ms | 94 | — |
| 7 | rocm-gpu | gpu |  |
 |
3 | Strong | — | — | 0 | FJ-1126: ROCm userspace not installed |
| 8 | nvidia-gpu | gpu | |
|
3 | Strong | — | — | 0 | FJ-1127: No NVIDIA hardware |
| 9 | secure-baseline | infra | |
|
2+3 | Strong | 36.8s | 355ms | 93 | — |
| 10 | nfs-file-server | infra | |
|
3 | Strong | — | — | 0 | FJ-1128: NFS kernel modules not loaded |
| 11 | dev-shell | nix | |
|
1+2 | Strong | 714ms | 22ms | 94 | — |
| 12 | toolchain-pin | nix | |
|
1+2 | Strong | 980ms | 21ms | 95 | — |
| 13 | build-sandbox | nix | |
|
1+2 | Strong | 639ms | 21ms | 94 | — |
| 14 | system-profile | nix | |
|
1+2 | Strong | 1.5s | 23ms | 94 | — |
| 15 | workspace | nix | |
|
1+2 | Strong | 1.3s | 25ms | 93 | — |
| 16 | rust-release | rust | |
|
1+2 | Strong | 712ms | 22ms | 94 | — |
| 17 | static-musl | rust | |
|
1+2 | Strong | 906ms | 22ms | 94 | — |
| 18 | multi-stage-build | rust | |
|
1+2 | Strong | 6.9s | 36ms | 95 | — |
| 19 | cross-compile | rust | |
|
1+2 | Strong | 1.1s | 22ms | 94 | — |
| 20 | sovereign-stack | advanced | |
|
2+3 | Strong | 1.2s | 21ms | 94 | — |
| 21 | apr-model | advanced | |
|
3 | Weak | 1.5s | 24ms | 93 | — |
| 22 | secrets-lifecycle | advanced | |
|
2+3 | Strong | — | — | 0 | FJ-1129: Secret provider exec fails |
| 23 | tls-certificates | advanced | |
|
2+3 | Strong | 1.1s | 23ms | 95 | — |
| 24 | fleet-provisioning | advanced | |
|
2+3 | Strong | 1.2s | 21ms | 94 | — |
| 25 | apt-repo | packages | |
|
2+3 | Strong | 883ms | 22ms | 95 | — |
| 26 | deb-package | packages | |
|
2+3 | Strong | 1.1s | 23ms | 94 | — |
| 27 | private-apt-repo | packages | |
|
2+3 | Strong | — | — | 0 | FJ-1130: GPG key import fails |
| 28 | rpm-build | packages | |
|
2+3 | Strong | 1.1s | 24ms | 94 | — |
| 29 | distribution-pipeline | packages | |
|
2+3 | Strong | 1.2s | 21ms | 94 | — |
| 30 | saved-plan | opentofu | |
|
1+2 | Strong | 833ms | 22ms | 95 | — |
| 31 | json-plan | opentofu | |
|
1+2 | Strong | 764ms | 21ms | 94 | — |
| 32 | check-blocks | opentofu | |
|
1+2 | Strong | 809ms | 210ms | 91 | — |
| 33 | lifecycle | opentofu | |
|
1+2 | Strong | 921ms | 22ms | 95 | — |
| 34 | moved-blocks | opentofu | |
|
1+2 | Strong | 508ms | 22ms | 94 | — |
| 35 | refresh-only | opentofu | |
|
1+2 | Strong | 738ms | 19ms | 95 | — |
| 36 | resource-targeting | opentofu | |
|
1+2 | Strong | 843ms | 22ms | 94 | — |
| 37 | testing-dsl | opentofu | |
|
1+2 | Strong | 713ms | 22ms | 94 | — |
| 38 | state-encryption | opentofu | |
|
1+2 | Strong | 968ms | 22ms | 95 | — |
| 39 | cross-config | opentofu | |
|
1+2 | Strong | 736ms | 23ms | 95 | — |
| 40 | scheduled-tasks | linux | |
|
2+3 | Strong | 1.2s | 21ms | 95 | — |
| 41 | user-provisioning | linux | |
|
2+3 | Strong | 375ms | 22ms | 94 | — |
| 42 | kernel-tuning | linux | |
|
2+3 | Strong | 910ms | 20ms | 95 | — |
| 43 | log-management | linux | |
|
2+3 | Strong | 1.0s | 22ms | 94 | — |
| 44 | time-sync | linux | |
|
2+3 | Strong | 810ms | 21ms | 94 | — |
| 45 | custom-systemd-units | linux | |
|
2+3 | Strong | 970ms | 20ms | 95 | — |
| 46 | resource-limits | linux | |
|
2+3 | Strong | 758ms | 22ms | 95 | — |
| 47 | automated-patching | linux | |
|
2+3 | Strong | 988ms | 21ms | 94 | — |
| 48 | hostname-locale-dns | linux | |
|
2+3 | Strong | 1.0s | 19ms | 95 | — |
| 49 | swap-memory | linux | |
|
3 | Weak | 711ms | 22ms | 93 | — |
| 50 | failure-partial-apply | failure | |
|
2+3 | Strong | 788ms | 23ms | 95 | — |
| 51 | failure-state-recovery | failure | |
|
2+3 | Strong | 936ms | 24ms | 95 | — |
| 52 | failure-idempotent-crash | failure | |
|
2+3 | Strong | 695ms | 22ms | 95 | — |
| 53 | stack-dev-server | composability | |
|
2+3 | Strong | 1.1s | 23ms | 94 | — |
| 54 | stack-web-production | composability | |
|
2+3 | Strong | 1.3s | 22ms | 94 | — |
| 55 | stack-gpu-lab | composability | |
|
3 | Strong | 1.1s | 21ms | 94 | — |
| 56 | stack-build-farm | composability | |
|
2+3 | Strong | 1.2s | 22ms | 94 | — |
| 57 | stack-package-pipeline | composability | |
|
2+3 | Strong | 1.3s | 21ms | 94 | — |
| 58 | stack-ml-inference | composability | |
|
3 | Weak | 1.3s | 21ms | 93 | — |
| 59 | stack-ci-infrastructure | composability | |
|
2+3 | Strong | 1.1s | 21ms | 94 | — |
| 60 | stack-sovereign-ai | composability | |
|
3 | Strong | 1.8s | 22ms | 94 | — |
| 61 | stack-fleet-baseline | composability | |
|
2+3 | Strong | 1.2s | 42ms | 94 | — |
| 62 | stack-cross-distro | composability | |
|
2+3 | Strong | 1.3s | 22ms | 94 | — |
MIT